IETF-SSH archive


Justification of SFTP



On my way back from Minneapolis, I reviewed the
NFS draft, something I'd been intending to do
for a while.

As I did so, I had some thoughts both on why
we want to do SFTP and what our objectives are.

First off the objectives:

1. Customers want a secure file sharing application.
2. Customers don't want to run another service on
   their servers.  They want the file sharing capability
   built into SSH.
3. SFTP is a light-weight file sharing / transfer protocol.
4. SFTP takes advantage of existing SSH standards / code
   to keep specification small (i.e., we don't need
   to specify anything about authentication, privacy,
   or integrity, as these are provided by SSH.)
5. SFTP is easy to implement based on SSH (i.e., uses the
   same packetizing, data types, etc., so that it
   fits well into an SSH implementation.)
6. SFTP should borrow from NFS or other protocols
   when appropriate to reduce the amount of work
   we have to do in solving problems and doing specifications.

There are several major reasons that I think
the SFTP work needs to move forward:

1. Ease of implementation in SSH.

   The structure and philosophy of the SFTP design
   integrates well into an SSH implementation.

   Using FTP or NFS (or some variant thereof)
   on top of or in conjunction with SSH does not
   have this property.

2. Simplicity.  NFS at least is a 212 page draft.
   (I'm not sure about FTP.)

   SFTP on the other hand, weighs in at a stunning
   20 pages.  I suspect by the time we complete
   SFTP it may have grown somewhat -- I'd be surprised
   if we exceed 50 pages though.

3. Doesn't require a 'separate' piece of software,
   that is maintained separately.

   From the customers' standpoint, I believe this is
   the most significant.

4. Integrates well with existing SSH applications.

   Because SFTP is integrated with the SSH protocol,
   it is easier to do things like run both file transfer
   and shell over the same connection, or, have a command
   in the shell trigger the SFTP upload or download.

   I believe this kind of thing would be harder and more
   awkward to achieve using another protocol bolted on
   top of SSH.

- Joseph






